RDP through a ssh tunnel

How to access RDP if firewall is closed down, and access to server is restricted to a few ips:

ssh user@allowed.server.com -L 3389:windows.server.com:3389
# and in a different terminal:
rdesktop -uadministrator -pp455w0rd localhost

That's it! Secure encrypted rdesktop session :)

more…

Detecting Conficker with nmap

As the Conficker worm is vastly discussed and getting a lot of attention, latest nmap version can detect it, won't post here how, here's the direct link to the resource:

http://www.net-security.org/secworld.php?id=7252

more…

How to check SpamAssassin version

Quick one-liner for checking spamassassin version:

[root@server ~]# perl -MMail::SpamAssassin -e 'print $Mail::SpamAssassin::VERSION;'
3.002004
more…

vsftpd - chroot users to their homedir

Open the vsftpd configuration file - /etc/vsftpd/vsftpd.conf

nano /etc/vsftpd/vsftpd.conf

Make sure following line exists (and uncommented):

chroot_local_user=YES

Save and close the file. Restart vsftpd.

/etc/init.d/vsftpd restart
more…

Using mod_evasive for dos attack prevention

A quick solution for blocking dos attacks can be mod_evasive Installing mod_evasive on an apache2 web server:

# mkdir -p /root/tmp
# cd /root/tmp
# wget http://www.zdziarski.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz
# tar zxvf mod_evasive_1.10.1.tar.gz
# cd mod_evasive
# apxs -cia mod_evasive20.c

then …

more…